I want to integrate LDAP authentication in Django, but missing some configuration I guess

I want to integrate LDAP authentication in Django, but even authentication is not happening i.e even after providing the correct LDAP credentials the user details in the Django admin panel the user details are not getting stored in the Django user model.

Here's my setttings.py file in Django

AUTH_LDAP_SERVER_URI = 'ldaps://xxxxxx:636'
AUTH_LDAP_BIND_DN = 'CN=xxxxx,OU=Service,OU=Accounts,OU=SF_SAP,DC=sf,DC=priv'
AUTH_LDAP_BIND_PASSWORD = 'xxxxxxxx'
AUTH_LDAP_USER_SEARCH = LDAPSearch('OU=User,OU=Accounts,OU=SF_SAP, DC=sf,DC=priv',ldap.SCOPE_SUBTREE, '(CN=%(user)s)')

AUTH_LDAP_USER_ATTR_MAP = {
        "first_name": "givenName",
        "last_name": "sn",
        "email": "mail",
        "username": "uid",
        "password": "userPassword",
}
AUTH_LDAP_PROFILE_ATTR_MAP = {
        "home_directory": "homeDirectory"
}
AUTH_LDAP_ALWAYS_UPDATE_USER = True
AUTH_LDAP_CACHE_TIMEOUT = 3600

AUTHENTICATION_BACKENDS = (
        'django_auth_ldap.backend.LDAPBackend',
        'django.contrib.auth.backends.ModelBackend',
)

Can someone please point out what am I missing?

It would appear that the search filter is wrong : according to the user attribute map, username maps to uid, if it's correct the search filter should be '(uid=%(user)s)' :

AUTH_LDAP_USER_SEARCH = LDAPSearch(
  'OU=User,OU=Accounts,OU=SF_SAP, DC=sf,DC=priv', ldap.SCOPE_SUBTREE, '(uid=%(user)s)'
)

But it could be the contrary (hard to know without a user dn example) : if the authentication works but user provisioning doesn't, then fix the mapping : "username": "cn".

You might also want to double check that all users you are trying to authenticate belong to the specified subtree 'OU=User,OU=Accounts,OU=SF_SAP, DC=sf,DC=priv'.

Back to Top